Stubdoms and/or Driver Domains in XCP-ng - are they possible?
I haven't seen any documentation on the matter, but I was wondering if either Stub Domains or Driver Domains are something that is feasibly achievable in an XCP-ng cluster environment?
I've been using both for a while now in Xen and love the idea of "separation of concerns" that DDs give and the added security of stubdoms.
For anyone not familiar, Stub Domains are small micro-code Xen domains that are responsible for the QEMU duties of a Xen guest, rather than dom0 being in charge of this. Driver Domains being similar, in that they take away control things of like networking away from dom0 and stuck them in a small PV guest.
I am pretty new to XAPI so have no idea if this totally possible, and is a simple config line change somewhere or if I'm barking mad.
Either way, I'd love to know.
It's technically doable, but complex: there's some specific issues with it (like how to do deal with deps between driver domains and if they crash, and so on).
However, my opinion is those drive domains will be replaced in the next years, by physical hardware. That's exactly what DPUs can bring to Xen. See https://xcp-ng.org/blog/2021/07/12/dpus-and-the-future-of-virtualization/
In short, you'll have a dedicated card inside your server, that will handle storage and/or network, leaving dom0 doing less work (only XAPI calls).
Note that in the embed world, there's some use case to statically partition the hardware, so you don't even need a dom0 at all!
@olivierlambert Thanks for the introduction to DPU, can't say I've heard of it before, but that certainly looks cool!
Any idea if Stub Domains are at all possible within a XAPI world (if so, any pointers to achieve this would be appreciated).
Also just wanna say you guys are awesome, XCP-ng + Xen Orchestra are incredible pieces of software, and the few times I've needed help here on the forum, @olivierlambert or one of your colleagues has jumped to the rescue in minutes!
Appreciate all the work you are doing, XCP-ng FTW!
Stub dom in XAPI: no. I don't think it ever landed in XenServer, ever. Maybe some PoC at Citrix, but I'm 100% sure nothing visible for external users due to those problems in case something goes wrong.
Also, doing the "software" way will probably replaced by "hardware" domains, like it's already done at AWS with Nitro.
And thanks for the appreciation!
@olivierlambert Perfect, thanks again for your time!